This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/O58aCTrbE5lgm64c310ntztX4Wk.roa File: O58aCTrbE5lgm64c310ntztX4Wk.roa (raw, json) Hash identifier: 0T3h+C9Xr6EOTPtS+HVLjRGd+kBq9kMPTWwsY3303pg= Subject key identifier: 3B:9F:1A:09:3A:DB:13:99:60:9B:AE:1C:DF:5D:27:B7:3B:57:E1:69 Certificate issuer: /CN=5fdf516c95dd6eb2d1d9dd4e0e03286c1911f6e1 Certificate serial: 019B78A2B7FEC148EF232F05B67DCF4F7430 Authority key identifier: 5F:DF:51:6C:95:DD:6E:B2:D1:D9:DD:4E:0E:03:28:6C:19:11:F6:E1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X99RbJXdbrLR2d1ODgMobBkR9uE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/O58aCTrbE5lgm64c310ntztX4Wk.roa Signing time: Thu 01 Jan 2026 08:18:08 +0000 ROA not before: Thu 01 Jan 2026 08:18:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209970 IP address blocks: 45.67.112.0/22 maxlen: 24 185.155.120.0/22 maxlen: 24 2a09:75c0::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/X99RbJXdbrLR2d1ODgMobBkR9uE.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/X99RbJXdbrLR2d1ODgMobBkR9uE.mft rsync://rpki.ripe.net/repository/DEFAULT/X99RbJXdbrLR2d1ODgMobBkR9uE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:b7:fe:c1:48:ef:23:2f:05:b6:7d:cf:4f:74:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5fdf516c95dd6eb2d1d9dd4e0e03286c1911f6e1 Validity Not Before: Jan 1 08:18:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3b9f1a093adb1399609bae1cdf5d27b73b57e169 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:d2:1b:5f:f4:5b:80:3e:c2:8b:b4:1a:85:60: 24:37:f0:33:8f:38:7b:b6:4a:77:64:bb:3e:aa:21: 10:9b:a7:dd:33:13:1d:fb:b9:94:9c:fc:48:30:06: 5c:bf:86:2e:87:6b:5a:52:4f:bf:14:ca:9c:12:3d: f9:8d:63:b7:9b:5f:41:f3:81:ba:d0:df:ba:3c:fe: 4f:70:05:af:50:6f:03:8c:1b:9d:3c:e6:4c:63:7d: e1:8b:f8:70:d3:3a:59:03:95:13:ea:d8:36:60:6f: fd:98:bf:62:6c:ff:76:b9:27:f5:8f:8b:5d:93:bc: 7f:ed:e7:12:9f:9f:69:8a:9f:23:37:ef:a1:1e:4f: f6:7d:a6:9e:76:e1:c7:13:91:7d:7f:47:56:5f:8a: 22:18:d5:f1:16:78:03:34:39:4c:9c:3f:ba:c5:ef: 3b:69:3a:bb:65:63:65:5d:a4:6a:18:f2:69:bd:e7: 90:ac:f5:4e:e9:4f:a9:6b:35:be:fe:44:9a:ec:eb: 97:74:0f:0a:20:85:d5:e6:61:d1:f4:c0:9d:1a:58: d5:08:a4:7b:cd:16:ea:fa:87:07:a3:ed:e6:4a:13: 98:1b:e2:d8:44:fd:c7:df:c2:15:f1:8d:dd:f1:09: 99:0e:06:45:ce:a8:84:77:d1:c3:2e:2f:af:d7:00: 5e:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:9F:1A:09:3A:DB:13:99:60:9B:AE:1C:DF:5D:27:B7:3B:57:E1:69 X509v3 Authority Key Identifier: keyid:5F:DF:51:6C:95:DD:6E:B2:D1:D9:DD:4E:0E:03:28:6C:19:11:F6:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X99RbJXdbrLR2d1ODgMobBkR9uE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/O58aCTrbE5lgm64c310ntztX4Wk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/X99RbJXdbrLR2d1ODgMobBkR9uE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.67.112.0/22 185.155.120.0/22 IPv6: 2a09:75c0::/29 Signature Algorithm: sha256WithRSAEncryption 4e:b1:dd:0e:92:d6:15:36:38:d2:79:6e:e6:8f:7f:a3:f2:93: df:e7:06:6f:0d:a4:fb:3d:f2:9c:4b:38:25:61:41:52:2f:e8: 34:46:8d:f2:69:e6:9f:55:67:11:db:c7:f6:76:01:d7:e0:45: ee:f0:5f:55:6d:84:07:6a:fd:b4:1f:4b:f2:5a:cb:a2:04:96: 92:72:dd:91:79:54:cc:8f:f5:a9:80:97:f5:e6:2f:66:9a:7e: 31:42:c1:3a:d2:d7:ac:67:7c:bb:f9:86:58:73:0b:0d:6b:55: 0b:8d:c0:0e:e4:d0:f6:4a:4f:2d:6b:6d:5e:d9:c5:29:34:1a: e1:c1:ea:a9:1a:b1:91:50:3d:e1:f5:80:5d:0c:9d:52:5a:0c: 90:f1:33:e3:cb:48:eb:0d:0a:4a:53:67:a1:db:95:e5:23:1a: 9c:6a:22:7a:74:2e:da:74:cf:d5:13:93:6a:36:5c:d6:1f:dc: 78:c7:4f:46:8e:fc:a5:13:da:52:b7:28:da:af:cd:e6:7c:00: 6d:c2:03:6e:02:c9:c1:13:c8:bd:54:fe:d7:9a:a7:fc:54:40: bb:8a:a1:74:f3:55:44:9d:c9:96:f8:dc:45:c9:33:aa:21:09: 12:ac:ca:82:1a:56:61:7f:c2:d1:0d:53:c5:34:eb:56:e4:7a: e4:d8:c9:f5 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt4orf+wUjvIy8Ftn3PT3QwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmZGY1MTZjOTVkZDZlYjJkMWQ5ZGQ0ZTBlMDMyODZjMTkx MWY2ZTEwHhcNMjYwMTAxMDgxODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYjlmMWEwOTNhZGIxMzk5NjA5YmFlMWNkZjVkMjdiNzNiNTdlMTY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudIbX/RbgD7Ci7QahWAkN/Azjzh7 tkp3ZLs+qiEQm6fdMxMd+7mUnPxIMAZcv4Yuh2taUk+/FMqcEj35jWO3m19B84G6 0N+6PP5PcAWvUG8DjBudPOZMY33hi/hw0zpZA5UT6tg2YG/9mL9ibP92uSf1j4td k7x/7ecSn59pip8jN++hHk/2faaeduHHE5F9f0dWX4oiGNXxFngDNDlMnD+6xe87 aTq7ZWNlXaRqGPJpveeQrPVO6U+pazW+/kSa7OuXdA8KIIXV5mHR9MCdGljVCKR7 zRbq+ocHo+3mShOYG+LYRP3H38IV8Y3d8QmZDgZFzqiEd9HDLi+v1wBeJQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFDufGgk62xOZYJuuHN9dJ7c7V+FpMB8GA1UdIwQY MBaAFF/fUWyV3W6y0dndTg4DKGwZEfbhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWDk5UmJKWGRickxSMmQxT0RnTW9iQmtSOXVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82NjVkN2QtZDE3MC00ZGY3LWFjYzct YmYzZjc5NTFjNWVhLzEvTzU4YUNUcmJFNWxnbTY0YzMxMG50enRYNFdrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy82NjVkN2QtZDE3MC00ZGY3LWFjYzctYmYzZjc5NTFjNWVh LzEvWDk5UmJKWGRickxSMmQxT0RnTW9iQmtSOXVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLUNwAwQC uZt4MA0EAgACMAcDBQMqCXXAMA0GCSqGSIb3DQEBCwUAA4IBAQBOsd0OktYVNjjS eW7mj3+j8pPf5wZvDaT7PfKcSzglYUFSL+g0Ro3yaeafVWcR28f2dgHX4EXu8F9V bYQHav20H0vyWsuiBJaSct2ReVTMj/WpgJf15i9mmn4xQsE60tesZ3y7+YZYcwsN a1ULjcAO5ND2Sk8ta21e2cUpNBrhweqpGrGRUD3h9YBdDJ1SWgyQ8TPjy0jrDQpK U2eh25XlIxqcaiJ6dC7adM/VE5NqNlzWH9x4x09GjvylE9pStyjar83mfABtwgNu AsnBE8i9VP7Xmqf8VEC7iqF081VEncmW+NxFyTOqIQkSrMqCGlZhf8LRDVPFNOtW 5Hrk2Mn1 -----END CERTIFICATE-----Generated at Mon Feb 9 22:16:04 2026 by rpki-client